漏洞描述
由于铭飞CMS文章列表接口content/list.do中的sqlWhere参数缺少对外部输入SQL语句的验证,未经身份验证的攻击者可利用该漏洞获取数据库敏感数据,进一步利用可获取服务器权限。
铭飞CMS list.do 存在SQL注入漏洞
PoC代码
暂无相关漏洞推荐
- POC drupal-directory-listing: Drupal Directory Listing
- POC apache-mod-negotiation-listing: Apache mod_negotiation - Pseudo Directory Listing
- POC gcs-bucket-listing: Google Cloud Storage - Public Bucket Listing
- POC jetty-directory-listing: Eclipse Jetty - Directory Listing Enabled
- POC wp-yith-woocommerce-wishlist-fpd: WordPress YITH WooCommerce Wishlist - Full Path Disclosure
- 大华ICC智能物联综合管理平台 ars_list SQL注入漏洞
- RuoYi AI /prod-api/system/model/list 信息泄露漏洞(CVE-2025-3199)
- POC (CVE-2025-15004)DedeCMS至5.7.118版本freelist_main.php文件orderby参数SQL注入漏洞
- POC 大华ICC智能物联综合管理平台 ars_list 存在SQL注入漏洞
- POC sharepoint-lists-api-disclosure: Microsoft SharePoint - List API Disclosure
- go-ldap-admin /api/log/operation/list 权限绕过漏洞(CVE-2025-13948)
- 用友时空-KSOA /worksheet/workslist.jsp SQL 注入漏洞
- POC CVE-2022-31101: Prestashop Blockwishlist 2.1.0 SQL Injection